Inspiration

We wanted to simplify security checks for organizations by having an AI agent autonomously patch problems and make it easy for developers to upload the changes.

What it does

  • Scans a GitHub repository for vulnerabilities using Semgrep
  • Finds vulnerability information with TinyFish
  • Uses Claude to generate secure code patches
  • Applies fixes on a new branch and opens a GitHub pull request
  • Yutori reports the Macroscope findings for the pull request

How we built it

  • Semgrep for code scanning
  • TinyFish for vulnerability information
  • Claude to patch vulnerabilities
  • AWS (ECR, ECS, Lambda, S3, CloudWatch) for connecting and hosting services
  • Macroscope for validating GitHub pull requests
  • Yutori to deliver the Macroscope findings to the user

Challenges we ran into

  • Connecting all the tools to one dashboard
  • Ensuring AI-generated fixes were properly formatted
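
The detect-fix step above (Semgrep findings feeding patch generation) and the formatting challenge just listed, as an added example that is not the project's own code: it groups Semgrep's `--json` results into per-file remediation tasks and gates a model-generated fix before it is applied to a branch. The Semgrep output, rule ids and the candidate diff are constructed samples; the helper names are assumptions.

```python
"""Turn Semgrep JSON output into remediation tasks and sanity-check a
candidate patch before it is applied to a branch and opened as a PR."""
import json
import re

# Constructed sample of Semgrep's --json output (two findings, two files).
SEMGREP_JSON = json.dumps({
    "results": [
        {"check_id": "python.lang.security.audit.subprocess-shell-true",
         "path": "app/runner.py",
         "start": {"line": 12, "col": 5}, "end": {"line": 12, "col": 40},
         "extra": {"severity": "ERROR",
                   "message": "subprocess call with shell=True"}},
        {"check_id": "python.lang.security.audit.insecure-hash",
         "path": "app/auth.py",
         "start": {"line": 30, "col": 9}, "end": {"line": 30, "col": 25},
         "extra": {"severity": "WARNING", "message": "MD5 used for password"}},
    ],
    "errors": [],
})

def findings_by_file(raw_json):
    """Group Semgrep results per file so each patch request stays scoped."""
    tasks = {}
    for r in json.loads(raw_json)["results"]:
        tasks.setdefault(r["path"], []).append({
            "rule": r["check_id"], "line": r["start"]["line"],
            "severity": r["extra"]["severity"], "message": r["extra"]["message"],
        })
    return tasks

_HUNK = re.compile(r"^@@ -(\d+)(?:,(\d+))? \+\d+(?:,\d+)? @@")

def patch_is_well_formed(diff_text, expected_path, max_lines=60):
    """Accept a model-generated fix only if it is a unified diff that touches
    the flagged file alone and is small enough to review by hand."""
    lines = diff_text.splitlines()
    if len(lines) < 3 or not lines[0].startswith("--- ") or not lines[1].startswith("+++ "):
        return False
    target = lines[1][4:].split("\t")[0]
    if target not in (expected_path, "b/" + expected_path):
        return False
    if not any(_HUNK.match(l) for l in lines[2:]):
        return False
    changed = [l for l in lines[2:] if l[:1] in ("+", "-")]
    return 0 < len(changed) <= max_lines

def patch_covers_finding(diff_text, line_no):
    """Require at least one hunk whose old-file range includes the flagged line."""
    for m in filter(None, map(_HUNK.match, diff_text.splitlines())):
        start, count = int(m.group(1)), int(m.group(2) or 1)
        if start <= line_no < start + count:
            return True
    return False
```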

Accomplishments that we're proud of

  • Built a full detect-fix-verify security workflow
  • Successfully generated real, reviewable GitHub pull requests
  • Automated security remediation end-to-end within a hackathon timeframe

What we learned

  • Automated remediation is much harder than detection
  • Prompt quality and validation significantly affect AI-generated fixes
  • Integrating security tools, AI, and GitHub automation requires careful orchestration

What's next for Blue Screen of Trust

  • Improve the accuracy of vulnerability fixes
  • Add clearer explanations for fixes in pull requests
  • Automatically rescan the repository
